Hackers Pilfer Trade Secrets In ThyssenKrupp Cyber Attack

The very real risks to businesses posed by cyber attacks has been starkly illustrated with the news that German conglomerate ThyssenKrupp had its trade secrets stolen by hackers.

The firm admitted in a statement that technical trade secrets were stolen from the steel production and manufacturing plant design divisions.

And it said the cyber attack was ‘professional’ and the hackers are likely from the Southeast Asian region.

Industrial Espionage

ThyssenKrupp said it was cooperating closely with the German organisation for cyber security DCSO, after it discovered the breach, and has also notified state authorities and the police.

“According to our analyses, the aim was essentially to steal technological know-how and research from some areas of Business Area Industrial Solutions (espionage),” said the firm in a statement. “Systems of Business Area Steel Europe were also affected. Specially secured IT systems for especially critical have not been concerned (e.g IT of Business Unit Marine Systems or production IT of blast furnaces and power plants in Duisburg).”

In 2014 for example, a blast furnace at a steelworks in Germany was badly damaged by a cyber attack. That attack resulted in “massive damage to machinery” at the unnamed German steel mill.

“There have been no signs of sabotage and no signs of manipulation of data and applications or other sabotage,” said ThyssenKrupp. “The attack was discovered, continuously observed and analysed by thyssenkrupp´s CERT.”

It said the attacked IT systems are now under 24/7 monitoring to detect any new attempted attacks.

“At present there is no reliable estimation as to the damage (e.g. loss of intellectual property) caused by the attack,” said ThyssenKrupp. “It has been noted that fragments of data have been stolen in the areas involved in the attack. Content of this loss of data is not clear yet, with the exception of certain project data in an operative engineering company.”

And the firm was keen to stress that the attack was not a result of security deficiencies at Thyssenkrupp, and human error has also be ruled out.

“Experts say that in the complex IT landscapes of large companies, it is currently virtually impossible to provide viable protection against organized, highly professional hacking attacks,” it said. “Early detection and timely countermeasures are crucial in such situations. Thyssenkrupp has been successful in both respects.”

Critical Infrastructure

While Thyssenkrupp has denied that any critical systems had been compromised, this attack highlights the need to protect industrial systems to safeguard critical national infrastructure.

Researchers have previously warned that security weaknesses in industrial control systems could allow hackers to create cataclysmic failures in infrastructure.

The United States has for example already passed legislation that would protect its electricity grid from cyber attacks.

The GRID Act directs the FERC (Federal Energy Regulatory Commission) to take measures to protect the electricity grid from telecommunications intrusions.

Quiz: Are you a security pro?